Message-ID: <20241114154442.25920-1-tiwai@suse.de>
Date: Thu, 14 Nov 2024 16:44:41 +0100
From: Takashi Iwai <tiwai@...e.de>
To: linux-mtd@...ts.infradead.org
Cc: Joern Engel <joern@...ybastard.org>,
	Miquel Raynal <miquel.raynal@...tlin.com>,
	Richard Weinberger <richard@....at>,
	Vignesh Raghavendra <vigneshr@...com>,
	linux-kernel@...r.kernel.org,
	Fabian Vogt <fvogt@...e.com>
Subject: [PATCH] mtd: phram: Add the kernel lock down check

The phram MTD driver may map any memory pages, no matter whether they are
reserved or otherwise used by the system, which basically allows a user
to bypass the lockdown.

Add the check and abort the probe if the kernel is locked down for
LOCKDOWN_DEV_MEM.

Reported-by: Fabian Vogt <fvogt@...e.com>
Suggested-by: Fabian Vogt <fvogt@...e.com>
Signed-off-by: Takashi Iwai <tiwai@...e.de>
---
 drivers/mtd/devices/phram.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/drivers/mtd/devices/phram.c b/drivers/mtd/devices/phram.c
index 1bf192f229d7..48abfb81ef66 100644
--- a/drivers/mtd/devices/phram.c
+++ b/drivers/mtd/devices/phram.c
@@ -30,6 +30,7 @@
 #include <linux/platform_device.h>
 #include <linux/of_address.h>
 #include <linux/of.h>
+#include <linux/security.h>
 
 struct phram_mtd_list {
 	struct mtd_info mtd;
@@ -410,6 +411,10 @@ static int __init init_phram(void)
 {
 	int ret;
 
+	ret = security_locked_down(LOCKDOWN_DEV_MEM);
+	if (ret)
+		return ret;
+
 	ret = platform_driver_register(&phram_driver);
 	if (ret)
 		return ret;
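Review bot: The lockdown check at the top of init_phram() is evaluated only once, at module init, so it reflects the lockdown state at load time rather than at the moment a memory region is mapped. The commit message says "abort the probe", but the probe path itself is not touched by this hunk. If the kernel is locked down after init_phram() has already succeeded, any device registered later is not gated by this check. Consider placing the security_locked_down(LOCKDOWN_DEV_MEM) call in the code path that performs the mapping, so every registration is covered, and align the commit message with where the check ends up. A one-line comment above the check explaining why phram falls under LOCKDOWN_DEV_MEM would also help future readers.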
-- 
2.43.0

